Distributed rate limiting for TrustSeal and ScamCheck — implemented via Firestore documents with TTL fields. Pattern: one document per IP+namespace per day, updated with atomic increments. expiresAt field enables Firestore TTL policy for automatic cleanup. Free tier: 3 checks per day per IP without authentication. Authenticated users get unlimited checks on paid plans (TrustSeal) or unlimited free checks (ScamCheck after sign-up).
Operational records — 7 total
Operational cost governance doctrine for TrustSeal and ScamCheck. Documents where costs originate, concrete free-tier economics, the 7 cost invariants that prevent runaway resource consumption, scaling thresholds with upgrade triggers, abuse containment strategy, and silent cost escalation vectors. All figures derived from real architecture — Gemini 1.5-flash free tier, Firebase Spark plan, Razorpay transaction fees.
Production pattern for per-user quota tracking, monthly reset logic, atomic increment, pre-AI-call enforcement, and abuse prevention using Firestore. Implemented in TrustSeal (10 free checks/month, premium tier) and ScamCheck (unlimited free after sign-up). Covers the data model, the enforcement code, the reset mechanism, and the cost protection logic that prevents free-tier Gemini quota from being exhausted by a single user.
Operational reference for running Gemini AI in production via Firebase Cloud Functions. Covers: structured output enforcement, JSON parse failure handling, 429 rate limit UX design, server-side key isolation, cold start latency mitigation, Node runtime requirements, and the three-part prompt architecture that produces reliable structured output across calls.
Complete operational provenance for ScamCheck (scamcheck.asquaresolution.com) from concept through production. Build phases, infrastructure changes, Gemini rate limit incident, auth configuration, CSS architecture decisions, and deployment milestones — consolidated as a queryable operational record.
TrustSeal (trustseal.asquaresolution.com) — AI-powered website trust verification tool. React/Vite/GitHub Pages frontend, Firebase Auth + Firestore backend, Firebase Functions v2 for Gemini AI analysis and Razorpay webhook handling. Subscription-based monetization via Razorpay (INR). Node 22 runtime required.
ScamCheck (scamcheck.asquaresolution.com) — AI-powered scam detection tool. React/Vite/GitHub Pages frontend, Firebase Auth + Firestore backend, Firebase Functions v2 for Gemini AI scam analysis. Plain CSS (no Tailwind — justified at this UI scope). Free-tier AI tool with no payment layer. Node 22 runtime required.
ScamCheck's Gemini scam detection Cloud Function hit the free tier rate limit (429 Too Many Requests) during rapid testing. The client had no handling for the 429 case and showed an indefinite spinning loader. Root cause: the Cloud Function did not return a structured error response for 429, and the client had no branch for anything other than success. Fix: return { rateLimited: true } from the Cloud Function on 429, detect it client-side, and render a specific message.